File: ex6.php

Recommend this page to a friend!
  Classes of Marcos Bezerra  >  Web Open Patch  >  ex6.php  >  Download  
File: ex6.php
Role: Example script
Content type: text/plain
Description: Example #6: Anti-XSRF Injection
Class: Web Open Patch
Filter values to prevent security exploits
Author: By
Last change:
Date: 11 years ago
Size: 738 bytes
 

Contents

Class file image Download
<?php

include_once("WebOpenPatch.php");

$wop = new WebOpenPatch();

$token = wopAntiXsrfInjection();

$form = '<form action="' . $_SERVER['PHP_SELF'] . '" method="POST">
         <input type="hidden" name="token" value="'
. $token . '" />
         <!-- Restante do formulário -->
         <input type="submit" name="enviar" value="Enviar">
         </form>'
;

if (isset(
$_POST['enviar']) && $_POST['enviar'] == 'Enviar') { //se houve post

   
if (wopAntiXsrfInjection(false)) { //checa validade do token

        //token é válido, continua processando os dados do form

   
} else { //token inválido
       
die("Dados inválidos!");
    }

} else {
// não houve postagem
   
echo $form; //exibe o form
}

?>

For more information send a message to info at phpclasses dot org.